Re: AJAX Requests – Accept POST and GET
I know this probably does some harm to server security and makes the data integrity a little bit more questionable.
As you recognize, increasing programming flexibility at the expense of platfrom security is not the proper tradeoff. Your request for the ability of BuddyPress plugins to make cross-domain application calls is such a security risk.
As an Open Source project, you are free to hack the core features of your copy of BuddyPress as you see fit. Just remember that if your server and data get compromised because of your hacks, we will not be able to offer any support.